Setting Up and Configuring the Router
Firewall
Cisco RVS4000 Security Router with VPN Administrator Guide
47
5
HTTPS
This option limits access to the configuration utility from the WAN to https
sessions only. An https session uses SSL encryption, which provides better
protection for your remote session than does http. The default is
Enable
.
•
Remote IP address
Select the appropriate value to specify which external
IP address(es) can access the router.
•
Any IP Address
Allows access from any external IP address.
•
Single IP Address
Allows access from the single IP address that you enter
in the field provided.
•
IP Range
Allows access from a range of IP addresses that you enter in the
field provided.
•
Subnet
Allows access from the Subnet that you enter in the field provided.
Remote Upgrade
This option allows you to upgrade the router remotely. To allow
remote upgrade, select Enable. The Remote Management feature must be set to
Enable as well. The default is
Disable
.
Multicast Passthrough
If an IGMP Proxy is running on the router, enable this
feature to allow IP Multicast traffic to come in from the Internet. The default is
Disable
.
SIP Application Layer Gateway
When this feature is enabled, the SIP Application
Layer Gateway (ALG) allows Session Initiation Protocol (SIP) packets (used for
Voice over IP) to traverse the NAT firewall. You can disable this feature if the VoIP
service provider uses other NAT traversal solutions such as STUN, TURN, and ICE.
Block
Place a checkmark next to the Web features that you wish to restrict.
•
Java
Java is a programming language for websites. If you deny Java, you
run the risk of not having access to Internet sites that use this programming
language.
•
Cookies
A cookie is data stored on your PC and used by Internet sites
when you interact with them, so you may not want to deny cookies.
•
ActiveX
ActiveX is a Microsoft (Internet Explorer) programming language
for websites. If you deny ActiveX, you run the risk of not having access to
Internet sites that use this programming language. Also, Windows Update
uses ActiveX, so if this is blocked, Windows update will not work.
•
Access to Proxy HTTP Server
If local users have access to WAN proxy
servers, they may be able to circumvent the router’s content filters and
access Internet sites blocked by the router. Denying Proxy will block access
to any WAN proxy servers.